r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2160
Expires: Wed, 07 Dec 2022 18:34:32 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11455
Expires: Wed, 07 Dec 2022 21:09:27 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2505
Expires: Wed, 07 Dec 2022 18:40:17 GMT
Date: Wed, 07 Dec 2022 17:58:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 17:08:04 GMT
content-type: application/json
age: 3028
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l2ZDTZdpxSlSIP55W5WK6OLd1UWGxbYiJcoObjo81TirddEzbGHKYmxGR6y9Hg1odmt0SSW2P7Ho8dTvFqee8A==
x-amz-request-id: 67G7C90HQ2KVD57F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 17:49:27 GMT
age: 545
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
foodheed.com/irtu/index.php?QBOT.zip
199.188.200.95301 Moved Permanently 707 B URL HTTP/1.1 foodheed.com/irtu/index.php?QBOT.zip
IP 199.188.200.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 07 Dec 2022 17:58:32 GMT
server: LiteSpeed
location: https://foodheed.com/irtu/index.php?QBOT.zip
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 17:58:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 17:07:55 GMT
age: 3038
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4e1cfdbefae5bc7d344cf9dc1ed67397
40d3b325990a497a476c0e245a1d8532fd8d3536
33355c21e2641fb025fcbd244e94afd88d98029cb5c101e5f7cea2fe79fa7353
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 17:58:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:10:26 GMT
Expires: Tue, 13 Dec 2022 01:10:25 GMT
Etag: "40d3b325990a497a476c0e245a1d8532fd8d3536"
Cache-Control: max-age=457311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775f2669bcc8b4f9-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 384
Cache-Control: max-age=141281
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:33 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:13:14 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
foodheed.com/irtu/index.php?QBOT.zip
199.188.200.95301 Moved Permanently 0 B URL HTTP/2 foodheed.com/irtu/index.php?QBOT.zip
IP 199.188.200.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://foodheed.com/irtu/?QBOT.zip
x-litespeed-cache: hit
content-length: 0
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ueepCGk4m1Q+yToqoZK8JA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0FTzcfV+tAqbOI1M7md6D0BjwD4=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1
142.250.74.106200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1
IP 142.250.74.106:0
Hash e2b108c2f517d8d86afe6759f93744cf
e9f939ec30e57283e84810bfbf32594358590bbe
5e7e691266c3b6ea87c620945de60c7255cf64f0e43be38ef44d1fcb65c6318c
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 17:58:33 GMT
date: Wed, 07 Dec 2022 17:58:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
199.188.200.95200 OK 12 kB URL HTTP/2 foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "172a9-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/css/classic-themes.min.css?ver=1
199.188.200.95200 OK 217 B URL HTTP/2 foodheed.com/wp-includes/css/classic-themes.min.css?ver=1
IP 199.188.200.95:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "d9-639085fb-0;;;"
accept-ranges: bytes
content-length: 217
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
199.188.200.95200 OK 4.4 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
IP 199.188.200.95:0
File type ASCII text, with very long lines (37612), with no line terminators
Hash 4df29c95b736edeeeb33bc7693a99b37
2c41e37aedc03a40d919cba6c90029082d222899
6b7be65cdd77f9d800f56a7c4827f598b866f0fde41a6bd5d297d3bbeb5aedf7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:23 GMT
etag: "92ec-633474bf-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4410
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
199.188.200.95200 OK 24 kB URL HTTP/2 foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (378)
Hash 73a81e49111a6b3e5c477111f2687bca
05af1a4ed04a36d89871640163f912143b5ab61e
6960a5bcf7eceba66da9c9a8a9b18a95d90055c88a3200aec9aa4b10c3f9a471
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Newspaper/style.css?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "24a56-63347382-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24019
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
199.188.200.95200 OK 23 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
IP 199.188.200.95:0
Hash 70a20362ee876fa98945ebefcac79f2a
513be3cadaf66f2dd0a7e5071d3b1bc9a9327d44
86aad8e8e06f7add22519ada2dd449a988af6b2b1741de702b4a592f7964e211
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "27b2d-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23083
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.188.200.95200 OK 4.0 kB URL HTTP/2 foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.188.200.95:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "2bd8-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
199.188.200.95200 OK 30 kB URL HTTP/2 foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "15e54-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/images.jpg
199.188.200.95200 OK 14 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/images.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 217x232, components 3\012- data
Hash 2bafa89ed5da31749073f2aed532f88e
c1da0da88b38cab941017754e88621a62cdc0df2
1f5bd6173b2433351b0741c5e8c2ec2b4bc8dfebc8f4433dd6a5b0e96a6eb27b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/images.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 21:57:04 GMT
etag: "34c2-633dfdb0-0;;;"
accept-ranges: bytes
content-length: 13506
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 599080
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 599059
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 169553
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 89246
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
199.188.200.95200 OK 4.6 kB URL HTTP/2 foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:28 GMT
etag: "48b9-639085fc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7323
Expires: Wed, 07 Dec 2022 20:00:37 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 72174
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 69990
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 42413
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:20:15 GMT
age: 20299
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:10:36 GMT
age: 38878
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 71008
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cb1aa6fd626d0951c4ec7afdc6ee824
459ccb1dd034e7710a31983256a40fe923a9a469
0bdcb65a76cc55a23e73819f3bcff61058324181c21bf886a4d2f31b0e74182f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BDCB65A76CC55A23E73819F3BCFF61058324181C21BF886A4D2F31B0E74182F"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Wed, 07 Dec 2022 20:47:57 GMT
Date: Wed, 07 Dec 2022 17:58:34 GMT
Connection: keep-alive
foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg
199.188.200.95200 OK 34 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Songwuth Suwannawong | Dreamstime.com], baseline, precision 8, 768x432, components 3\012- data
Hash 598e4b65ab4e930e60a5797b2703a682
9d7ae01277f4647c1de61c956c9721a613c59fe8
531edcfb33f2d82d5fb388eb5daef884997148769babb8cde46582329e4ee237
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 21 Sep 2022 18:24:14 GMT
etag: "86ac-632b56ce-0;;;"
accept-ranges: bytes
content-length: 34476
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
way.specialblueitems.com/src/main.js?v=2.01
159.69.234.10200 OK 3.1 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=2.01
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9732), with no line terminators
Hash ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
GET /src/main.js?v=2.01 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Sat, 17 Dec 2022 17:58:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
199.188.200.95200 OK 62 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (670)
Hash 59ce4486311c4c3b21e271477855e4d9
7cb4990ec57034172c7c3505cd6b3923ded550c5
51d72e5eef64bd08d5a601c7c40ca84e11dcecf95e5ba6b5c36a095dce231e86
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/x-javascript
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "44c89-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61906
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg
199.188.200.95200 OK 91 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251samael334 - stock.adobe.com], baseline, precision 8, 768x402, components 3\012- data
Hash 83a396f0baac36df808b2493ca3c1331
3cf861ab75b8752124a7c15d0d53aa905aa3f974
b3585f0c6f59995830c8878d7ce9381ca6291c6e109de0b9ebdec6759835e5f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/facts-fats-768x402.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Fri, 23 Sep 2022 20:09:18 GMT
etag: "1648a-632e126e-0;;;"
accept-ranges: bytes
content-length: 91274
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg
199.188.200.95200 OK 110 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x308, components 3\012- data
Size 110 kB (110315 bytes)
Hash f251abd0d755c2b44438e3150b82bce7
c35d4a0ded8299b834de23a0eff685002b50c65a
c4a7ba5b48972242de382df25c0405036e5bf300d63ef37816d41c1c9690a545
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/beef-biryanirf.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Sun, 02 Oct 2022 17:45:08 GMT
etag: "1aeeb-6339ce24-0;;;"
accept-ranges: bytes
content-length: 110315
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg
199.188.200.95200 OK 160 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x960, components 3\012- data
Size 160 kB (160123 bytes)
Hash 208dab7db74d317624604117be02cfc0
0ec38631156ba5372528368d41c0d146df180cad
938d03c2b81d4200687fb32936962985310177ec9f4d9832d1ebab49410be84c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:26:25 GMT
etag: "2717b-633e0491-0;;;"
accept-ranges: bytes
content-length: 160123
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
199.188.200.95200 OK 29 kB URL HTTP/2 foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP 199.188.200.95:0
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: application/font-woff
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "703c-63347382-0;;;"
accept-ranges: bytes
content-length: 28732
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/09/bg8.jpg
199.188.200.95200 OK 117 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/bg8.jpg
IP 199.188.200.95:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x400, components 3\012- data
Size 117 kB (116827 bytes)
Hash 190ad01279dfb64195cce964380ad0f8
34b27609e88f53bdf65ea70a182275ef73040e12
d4cde4e9b67326a711accef23cfdc7fc2c48678961634a6564b32f87ef025cdb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bg8.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:08 GMT
etag: "1c85b-633478ac-0;;;"
accept-ranges: bytes
content-length: 116827
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9810fa6e235eb9cb7bd84b81093859db
6a90826bc184a29f7e6a32251fa01756365df26a
e2d3f729c0697974845aaeb59ae4d31790e2ef3c7ffc17489e06f11f9e2645d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2D3F729C0697974845AAEB59AE4D31790E2EF3C7FFC17489E06F11F9E2645D8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=830
Expires: Wed, 07 Dec 2022 18:12:25 GMT
Date: Wed, 07 Dec 2022 17:58:35 GMT
Connection: keep-alive
js.interestmoments.com/scripts/trim.js
193.169.194.63200 OK 2.2 kB URL HTTP/1.1 js.interestmoments.com/scripts/trim.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (6444), with no line terminators
Hash 68f64aa377a0e32ed510fd286ffd5b48
d215b23cb14a3dbd5474bbdbe9290541c449359d
0facd0bcf777d8176a4bbc3e14172fdab4c11aae196591ee3ba8ffddee0ec042
GET /scripts/trim.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907bd9-192c"
Expires: Sat, 17 Dec 2022 17:58:35 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9573cd12467be4696ad4e51d6cf2206
b899111d6ab445ad5f815abfb990dfa9c7adb6e3
03bebe8919d9e161fd41db70e90215ed44cd27f71fba29ac319e94f10f9d67a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03BEBE8919D9E161FD41DB70E90215ED44CD27F71FBA29AC319E94F10F9D67A7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Wed, 07 Dec 2022 19:07:31 GMT
Date: Wed, 07 Dec 2022 17:58:36 GMT
Connection: keep-alive
long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/brad-way.php?id=16477-22-569654345&pid=235&qid=473 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 17:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful
Access-Control-Allow-Origin: *
long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful
193.169.194.63200 OK 438 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0525d77ebdf7de03d247fdcd914fc360
5ec7fc9668bf62b50ab46497eb3aa67a60c0496d
c548a1af5170a6a7a699b50b9e7bbd50e45d6f7f0f38639e70a80dfabd435781
GET /go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=tearful HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 17:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg
199.188.200.95200 OK 180 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg
IP 199.188.200.95:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 933x1400, components 3\012- data
Size 180 kB (180112 bytes)
Hash 9d55788be7e80e2215a40452b5f9a7f7
0983affc62d8add1068c2bce0ff0ed52aec21bfe
f9c2d830dec23812d59ebd87786d293b815b704407de9f853979ba5f9a71a766
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bg_mobile.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:34 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:01 GMT
etag: "50846-633478a5-0;;;"
accept-ranges: bytes
content-length: 329798
date: Wed, 07 Dec 2022 17:58:34 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
biamo.bet/?faff=2543
108.156.60.56200 OK 13 kB IP 108.156.60.56:0
Hash 6a73e753f8ff46aba43d343c5bcb730c
b915e111b717fe62eca6ddc7ac49bb0338adf5a8
6162b7b8a212984bb13a92b54dce61e844a2e31ebcaac84d5ac3c02d706739a1
GET /?faff=2543 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Wed, 07 Dec 2022 17:58:37 GMT
set-cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; expires=Wed, 14-Dec-2022 17:58:37 GMT; Max-Age=604800; path=/; domain=biamo.bet
faff=faff%3D2543; expires=Wed, 14-Dec-2022 17:58:37 GMT; Max-Age=604800; path=/; domain=biamo.bet
sitelang=en; expires=Fri, 06-Jan-2023 17:58:37 GMT; Max-Age=2592000; path=/
x-geo-detected: nor
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435917.201
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tQuLrQHR9aPUWwA5QayujOyY3TRRjn5jaxTbf4C3UjpTVBAWvd_xHw==
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg
199.188.200.95200 OK 2.7 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg
IP 199.188.200.95:0
File type gzip compressed data, from Unix\012- data
Hash c359052dd9c89923a29ae1df5476626e
b7777098c9677c37b1a19a0ec3ae5d0dbd265e4f
b9380439b34b3eae516975f7b968d69e2f8de12f57a446c96ffcb432d23540ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/CampfireCake600x600.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:58:33 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:19:28 GMT
etag: "1852b-633e02f0-0;;;"
accept-ranges: bytes
content-length: 99627
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash dfceec2f5d35ce8962b1805e7fdc8d3b
eac5c037076dfeb3e400fdcd3155ea517dd3d253
a4ab15e40560ff1bee8ede5ec48a1ca476df3b64c0d7df65f838714d56da7e15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Last-Modified: Wed, 07 Dec 2022 16:26:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtm.js?id=GTM-P75XW8W
172.217.21.168200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P75XW8W
IP 172.217.21.168:0
File type ASCII text, with very long lines (6039)
Hash 8ccea5fbee3d0ebe528d504bbecdfe5e
7497ff21aa16639f3274ad6d548cfa67719bc4a7
9346c18520e7687cc42edf2f08895e9ebefc5b1ff41ec0930b4abb545dfb20c7
GET /gtm.js?id=GTM-P75XW8W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Wed, 07 Dec 2022 17:58:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fed097e2f8a98b35ebc26f05ede99fb
53e71a856d114a325df91d175a8e48871355ecb6
9ec774d0fd58ccbcbf92909cc64efa6e68c1dcbeed740e2e329f9ad74da1b288
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9EC774D0FD58CCBCBF92909CC64EFA6E68C1DCBEED740E2E329F9AD74DA1B288"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Wed, 07 Dec 2022 19:24:20 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9434a41807fc9b6471702e73ae767dca
2e7e2e21b3a5b6d98d8ebcb6e73ee2a04dd8550b
e74bd300b4872f26d89b475edb7f8b2be9f538c3c0488d0cf9014b2f2662475b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E74BD300B4872F26D89B475EDB7F8B2BE9F538C3C0488D0CF9014B2F2662475B"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9905
Expires: Wed, 07 Dec 2022 20:43:42 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fed097e2f8a98b35ebc26f05ede99fb
53e71a856d114a325df91d175a8e48871355ecb6
9ec774d0fd58ccbcbf92909cc64efa6e68c1dcbeed740e2e329f9ad74da1b288
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9EC774D0FD58CCBCBF92909CC64EFA6E68C1DCBEED740E2E329F9AD74DA1B288"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Wed, 07 Dec 2022 19:24:20 GMT
Date: Wed, 07 Dec 2022 17:58:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11641679.fls.doubleclick.net/activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543?
142.250.74.38200 OK 2.0 kB URL HTTP/2 11641679.fls.doubleclick.net/activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543?
IP 142.250.74.38:0
File type ASCII text, with very long lines (5120), with no line terminators
Hash 1c3f06b2f385bd4d612dd422b79b6832
a4f43afd4d3e988d65b7d51911289181091b40c6
fbd1ec259a2995972fb1e40a25a1cb1a593b907f7fb58170464aa2ae6a8fbafb
GET /activityi;src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543? HTTP/1.1
Host: 11641679.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 239
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 18:13:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js
108.156.60.56200 OK 29 kB URL HTTP/2 biamo.bet/static/dist/polyfills.7c4e8a3bf53f3c3e.js
IP 108.156.60.56:0
Hash ad709bf3e13291df3e8b4f1f436d98e3
12e7f55793d81a430b88c9e47a89c781d1a0d9a8
807d1632d06161e1cb13e3615edf8d2dfa9e2a1797a7e20ced0d1cdcbf34c71c
GET /static/dist/polyfills.7c4e8a3bf53f3c3e.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 15:16:09 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-1322b"
expires: Thu, 08 Dec 2022 15:16:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: TkTS54l9CBoe30As0bPsN4fgONM9fFROLKswCkwqp1_0VIvaElALZw==
age: 9748
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
142.250.74.34200 OK 239 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (455), with no line terminators
Hash 427ac7b3aba6186defab6684b54d8cac
c6cb68240abb7143624a3e886ce2d66c44cd3175
e466073a6928c69934726720117f612dfca6b3082b2571758eee63dd9464662d
GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
142.250.74.34302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://11641679.fls.doubleclick.net/ddm/fls/r/src=11641679;type=users00;cat=all_u0;ord=6212697906731;gtm=2wgbu0;auiddc=1020922586.1670435917;~oref=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zeniocloud.com/LAIA.js?sub1=biamobet
167.114.67.56200 OK 804 B URL HTTP/2 zeniocloud.com/LAIA.js?sub1=biamobet
IP 167.114.67.56:0
Hash 33e847bf41115beecd9d94b33061c9dd
57b8ce9a7f6e835350b23c4526bbe7a5786c8b6d
6f8063b99748d85105e53ce42ad04ef4feff694b0286aa46b3d6ae5740cbf382
GET /LAIA.js?sub1=biamobet HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 78a109574da6617124fdd6ade9b2c501
a35690bcda63041e55ba95f41a14ef0dd2007337
177dafb48a1cf4878dcbbdc580bbe865776bfaf34b885cdb886b66040c58d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.162200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (2772)
Hash b7bfb38de42aafcf20ec09cb43f51b2e
2329a485f1e5f5a2fdd8158d335fdd5a2683be55
6391614bdd92fbab896b523130690059cea5159fb598ae07fd89e5c46a2a2da0
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:38 GMT
expires: Wed, 07 Dec 2022 17:58:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6351308751113588399
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biamo.bet/api/v1/games?slim=true
108.156.60.56200 OK 293 kB URL HTTP/2 biamo.bet/api/v1/games?slim=true
IP 108.156.60.56:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64564), with no line terminators
Size 293 kB (293275 bytes)
Hash 024d0c670a72e6aa5852e70ad48a0815
7c65d01ee24363e0463fb32946b0ee0ac68bf679
77859df506eb936589155ec2d986535887f674c5048ec726b4a73c935601b691
GET /api/v1/games?slim=true HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 293275
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435918.066
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 48aXhOobrde3SIMx9_IxyyoiPn4bYjVhc1qGu3z2oz1qDy7v_Z13yw==
X-Firefox-Spdy: h2
biamo.bet/api/v1/bootstrap
108.156.60.56200 OK 11 kB URL HTTP/2 biamo.bet/api/v1/bootstrap
IP 108.156.60.56:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64660), with no line terminators
Hash 162306505672b72d3ea14bda260c10d3
06b384d736da0ca288ed0f5a9a61c851716f3e73
c3586748e96d72b49aecacfaa7f0bacb892c1dc52de727afce1decb41747b8e9
GET /api/v1/bootstrap HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 11016
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate, private, private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435918.075
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: QPApw7wF4wI7FFSL1JAFOee96EA6gARuSXlIpfsU-rZzP4njfQVjPg==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP 216.58.211.3:0
Hash ff4ee23df156a89f76e7725813988a4a
23b4cf109ec962022fae3be3c7200e5b94eb0ce0
7304ad8a37f3389bb8daa9f7c4a530a3291260486165e881bf9212c5be0103bc
POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD>m=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD>m=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-4L2GVL08BD>m=2oebu0&_p=1460333489&cid=143091376.1670435917&ul=en-us&sr=1280x1024&_s=1&sid=1670435917&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://biamo.bet
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://biamo.bet
date: Wed, 07 Dec 2022 17:58:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biamo.bet/static/images/logo.svg
108.156.60.56200 OK 23 kB URL HTTP/2 biamo.bet/static/images/logo.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1325)
Hash bb7cb570e9d5425a3deef32f94f18614
de56f2aa44d00d96a522052e4fe54f27ce5f3c9d
56970ecce9989597bf8556d5b6cf24d3fc5044b8ce6e38f0fcb6c571767ea640
GET /static/images/logo.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/static/css/app.loader.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-205d"
expires: Thu, 08 Dec 2022 17:58:38 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: BoWgqqj-r8r4F-SowlOs6BFgSsrAvHvz85vzVTnBe3Mddg9baIelzw==
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT
142.250.74.110200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT
IP 142.250.74.110:0
File type ASCII text, with very long lines (1921)
Hash a4d87ca5ec0135e919a46abc4816c893
eefd302fe096696722d0e819d7958118cf3efa98
fdab9fcc23c2f95a1a6d64449a9f0b4310d37eddde99eb483106095e366ca96e
GET /gtm/optimize.js?id=OPT-TPW6QGT HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:38 GMT
expires: Wed, 07 Dec 2022 17:58:38 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/flog
108.156.60.56200 OK 15 kB IP 108.156.60.56:0
Hash 89a91477ba7388b0f266f7388dfb64cc
0621994d97f4eb1da0c32ea1a8836d628231c57a
49c7d152964f625ae9a8b2c7cae5651a0da8a38ebab318943fd8138ead12f2b2
POST /flog HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/?faff=2543
Content-Type: text/plain;charset=UTF-8
Origin: https://biamo.bet
Content-Length: 114
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wednesday, 07-Dec-2022 17:58:38 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: pXFDdjT2ETUgBXd8rV_GX17vnE2UZNKNuT2qXV1SMELjl2RVvBpLvQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/main.27ecb0b86bc93f8a.js
108.156.60.56200 OK 697 kB URL HTTP/2 biamo.bet/static/dist/main.27ecb0b86bc93f8a.js
IP 108.156.60.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 697 kB (696807 bytes)
Hash 56c6da4731b411615c7a0699bcece971
fc694ddc1de5a6d0c09f0c821cf6fab1e6dd2442
dc08e379fbb42912c7e7520122e8b3175ba3e6d117ecf5c21a80c39ab468f999
GET /static/dist/main.27ecb0b86bc93f8a.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 15:16:09 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-28dcb0"
expires: Thu, 08 Dec 2022 15:16:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 3NABNzniX60KHBSjZmrf123Hy4Pf8C8a0Pnx_esyHM5z8PB25YcKzQ==
age: 9748
X-Firefox-Spdy: h2
biamo.bet/ngsw-worker.js
108.156.60.56200 OK 15 kB IP 108.156.60.56:0
Hash 649e86b56f0f04cbfdabcb27c3d63f97
88bc8b386886bcc9274d67ff662207e7cd702bbd
5786a8312033602bee1291dfcdde3a87530f1d757fb56422f5e6f6ca61f334d4
GET /ngsw-worker.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 09:01:55 GMT
etag: W/"63905683-103ee"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: nMVhgGksKD5-eV2I-IDN4d3UBL37WsSIhTZK__KWsycrodFuplM6Vw==
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd=
172.217.21.162302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd=
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 18:13:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP 216.58.211.3:0
Hash ff4ee23df156a89f76e7725813988a4a
23b4cf109ec962022fae3be3c7200e5b94eb0ce0
7304ad8a37f3389bb8daa9f7c4a530a3291260486165e881bf9212c5be0103bc
POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash a6fe877db064e1fcaef1740cc1c2fd75
ca27e395d7988fafddd0b3a844d4d7e5caa778fc
f543ac61f8726222351bf9bf2ce75e0de6dc350b88707296e6b7efbabe865654
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 17:58:38 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 14:52:31 GMT
ETag: "ca27e395d7988fafddd0b3a844d4d7e5caa778fc"
Last-Modified: Wed, 07 Dec 2022 14:52:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775f268c0e820b49-OSL
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 17:58:38 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 18:58:38 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js
108.156.60.56200 OK 484 B URL HTTP/2 biamo.bet/static/dist/common.ebd2e2658d2ed4ff.js
IP 108.156.60.56:0
File type ASCII text, with very long lines (484), with no line terminators
Hash badf08d1a53e2616b83fbb00701f7b88
ef8aff576aad7b8b0c1522a32f84cefb612b1d7d
8eb9a98742f149a0fc00ca68245c055f6066b4c8f2213298375074a41f3d526e
GET /static/dist/common.ebd2e2658d2ed4ff.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 484
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: "63905682-1e4"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: LEB6n6-nj4ftuwerjleQEbJbpjySmHUkNI2adsK-8CqCn0xSdrFy1g==
X-Firefox-Spdy: h2
biamo.bet/static/dist/915.556573d7286805d2.js
108.156.60.56200 OK 912 B URL HTTP/2 biamo.bet/static/dist/915.556573d7286805d2.js
IP 108.156.60.56:0
File type ASCII text, with very long lines (1364)
Hash 2654c73fa661baf69443abb94382ed1a
e4dc2e7f17064ea4e39f240e3972b421c14345df
d5714089bc86cdc6e5af0d0ebde998df1d16775396a9c69d18cc89a46cb87f17
GET /static/dist/915.556573d7286805d2.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-4f5"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: MTV5dDtuWpYcJYBW2pGrwW1nrKT4IzEiO3Q8J95qh1UHVleIyBn8xw==
X-Firefox-Spdy: h2
biamo.bet/static/languages/en.json?v=20221207.135
108.156.60.56200 OK 52 kB URL HTTP/2 biamo.bet/static/languages/en.json?v=20221207.135
IP 108.156.60.56:0
File type JSON data\012- HTML document, ASCII text, with very long lines (60106)
Hash f46c107f276deb288bc7c645240fb8de
471e1e94bc42c1e9d7da22437ca840172b15631e
9ebef12205fc69bd41e2b0c51bb386cb91570a354aad73742fc76d529abd7e10
GET /static/languages/en.json?v=20221207.135 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:57 GMT
etag: W/"63905685-1537"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 4slxypvtDV1RIxLyboj2Lx_ONRDib6pivQcDgJ634I7oq5avStAw1A==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/burger.svg
108.156.60.56200 OK 153 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/burger.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d251bcefed9a696aead15b544677abd3
de3688524f72a1ba25fd71bc54c7e0ecef594aae
240c20925e481fa21dfeb65e11acc7cf8972f856a757e53e206c7d14c477f29d
GET /gstatic/wlc/icons/burger.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 153
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-99"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _xwwlqXl0M4Z68uoHAIXIR2lG2e-IXL92r9X6vM1ftVBZwJgJa_1MA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/search.svg
108.156.60.56200 OK 386 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/search.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748)
Hash 2612f5a639be9dab0ade20c2c80d0e26
fdf35b99f887a19b85cde53398f7bfd1de2f244d
4a35ce2df0f89a2e6343a3aea34f5cdce971707b064e15d28a20a42299043b40
GET /gstatic/wlc/icons/search.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 386
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-182"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: SfRZ93DLVmEoiqyjeLuxO1lJQdZRJDxuxlcmq4RFrLCVsQIYSUucMw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/scroll-up.svg
108.156.60.56200 OK 388 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/scroll-up.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (506)
Hash 313c7b88e9d2b43922db1c82c2a79b1c
a43460a0287ba3cf01c88aa82dfaa67f36472419
422b00f3d098d6c2fa32f3584bcc8f42562e457613b7c0964713b07bf22af251
GET /gstatic/wlc/icons/scroll-up.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 388
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-184"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xzfrp-oqmhe8fIEVOZfmopmvqzvsINNF07KFWxMIKypbmtu5F0LClg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/promotions.svg
108.156.60.56200 OK 718 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/promotions.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1241)
Hash 6670867e209d2718c0e74e0bc3096483
09b56321bbe90e5d55afa55f15cdb454698415e2
1161fb747bf363aae320a8656da220b47bb81ff7c7149001c17b0697879bd405
GET /gstatic/wlc/icons/european/v1/promotions.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 718
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-2ce"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: bvEnXOa_MAQ7Q7pquzupnsr-jzSZ4hqkG1jeGb1WRtvG1HhVVjwX8g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/tournaments.svg
108.156.60.56200 OK 1.1 kB URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/tournaments.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2228)
Hash 1828bf24b2d3670ec906cc8b0983c4c6
7372b211d64907fce66ca00fdb432fa4edf3432e
d42d25f5dccbd7b937a5331d85d04a201e1a84f44c72fcdd73b7ccf99c36ce74
GET /gstatic/wlc/icons/european/v1/tournaments.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1088
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:24:30 GMT
etag: "6347f56e-440"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: arvNfVUlJlXluPo5yS2DDQfZ6nuqPmnAqczLWChBaU45cLx8tfqzPg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/casino.svg
108.156.60.56200 OK 858 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/casino.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2014)
Hash 15abac6365ae16c7d514226b3b47286f
d79f8d239928afd7b6e2d3056d7dc9881b794432
8ab1737e6c56061d2aaa8a607d4f95b5c969775b46be5dda10f9dffc42efa8ea
GET /gstatic/wlc/icons/european/v1/casino.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 858
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-35a"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: agIXjOWeGynitbPPvQraA3E_-u2jlRV_PxhauqP37SZXmNe0dVeA-g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg
108.156.60.56200 OK 571 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (312)
Hash bb1bd186d96067a50eaf022a084b7737
ca8cc5b2d50bc12a71198cecacf674e2c163f319
bc4714100d17b3873c81b7422b76bf89a15f899484a386e80c298076e788a970
GET /gstatic/wlc/icons/european/v1/sportsbook.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 571
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-23b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PXFHZtUqoeBJuJRfq-pR7C3c-PZx2DUpKYgfFdMqj5ev4gNCsPpgkw==
X-Firefox-Spdy: h2
biamo.bet/static/dist/667.f5f07494ca992278.js
108.156.60.56200 OK 37 kB URL HTTP/2 biamo.bet/static/dist/667.f5f07494ca992278.js
IP 108.156.60.56:0
Hash 10761dd10f7fd431f6920c8b4d4d688f
4fdbfc9fa5092b72c2e32f951e767a41a769e9ec
65ba81b4cd3f24336fe7988a3c692b18a88b06813af1810175a194a6c20691b7
GET /static/dist/667.f5f07494ca992278.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-2607d"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eQlJh2Ca-oc4U1wFea4FJjGC-zCBAi3aXmTa7CafWE5_w8nYXRUzTQ==
X-Firefox-Spdy: h2
biamo.bet/static/fonts/montserrat/Montserrat-400.woff2
108.156.60.56200 OK 89 kB URL HTTP/2 biamo.bet/static/fonts/montserrat/Montserrat-400.woff2
IP 108.156.60.56:0
File type Web Open Font Format (Version 2), TrueType, length 88804, version 1.0\012- data
Hash 6c8807219b0ecffdf96122b80df3e62c
135edfb07b1d07d329434bcf54bac05adf2599be
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
GET /static/fonts/montserrat/Montserrat-400.woff2 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biamo.bet/static/dist/styles.e6fc399f64891d18.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 88804
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-15ae4"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: VOxDv0ZSEBalfrI80Rt5wSBphY3BTGHmZLOGOGg4ji1n5nzH9bm10g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/filter-merchants.svg
108.156.60.56200 OK 795 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/filter-merchants.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (716)
Hash 8dced114baa134f36474c6576e92dfd7
b34c1150dc41b77fc058375edde04363baa54a02
86df121df8797461313777b0abb83f5627d98b8a64c80bd9d11ca87d06957ef8
GET /gstatic/wlc/icons/filter-merchants.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 795
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-31b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:40 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: mktSnNr7OA4DPzBMkE4tP45dq7SE541is0lVjs2orv8STc1fRoAXNQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/age-restrictions.svg
108.156.60.56200 OK 1.1 kB URL HTTP/2 biamo.bet/gstatic/wlc/icons/age-restrictions.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1478)
Hash 9d73c4bbec914e0c2c6a628a98ea7d25
3c45564e1b0662efa91c63be64a4f1edaf00b8f0
77d77ec4e7e1d66c4751e76d062ea1520023217f9bde71ac4ce991b616dc5cfb
GET /gstatic/wlc/icons/age-restrictions.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1141
server: nginx
date: Wed, 07 Dec 2022 17:58:41 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-475"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:41 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Vg1cPpSPYdX8PFBPCpCWnpj4lDqWXEYfBzx98iPoSjwkbHYzAwNpTw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6f4dd03deb6114fec01808b034a711c
c74d29bba44dbb09158da4b9e1b490112c7db915
ddc6721d8a42821c458cf6d5c64ebd10ca0002c95a275be1732cd9ade7bf1b6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10567
x-amzn-requestid: b9b16cdf-bfa2-4e3c-b00f-1704dd3473d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgIC6EgLoAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638986df-3945eea57676d3f91f8f2b3c;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 05:02:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jq1EHQBqVeb9KBozcSUpieXUDHhouxr6YkJrhiqqZ4VP1ZwPV6LHEA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:57:34 GMT
age: 50467
etag: "c74d29bba44dbb09158da4b9e1b490112c7db915"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/lobby.svg
108.156.60.56200 OK 940 B URL HTTP/2 biamo.bet/static/images/categories/lobby.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash cfc236846e4bf5fc95803ea60b01e78e
f4ba4803e16ec3f434d77626ab3e3a6435b56423
5c016cdab6e4cf7aa7eb9a69c31bed346433e70e1d83cbd27c2325b4e485db85
GET /static/images/categories/lobby.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 940
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-3ac"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xB7bOLcCdMeBxwHjQBui_2PKv1U64v368qdWUBXcbsUxLBOb3vksOA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/categories/halloween.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/categories/halloween.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/categories/halloween.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: gQA_Q1yAAr8HkspNa3-wImJQXqoxpZUh-O5GpP_dooL-jDry38MG4A==
X-Firefox-Spdy: h2
biamo.bet/api/v1/jackpots?lang=en¤cy=EUR
108.156.60.56200 OK 41 B URL HTTP/2 biamo.bet/api/v1/jackpots?lang=en¤cy=EUR
IP 108.156.60.56:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 67b577783d7fc4f49d3c4995f5fedc7d
0d52bab965ad24c41b48d0502fed9974fbc09c2c
61ab03a0a60951f36ae77e9291519f64888544c3cad63f367e20523e786b37c5
GET /api/v1/jackpots?lang=en¤cy=EUR HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UA-Fingerprint: 17250ada99912788642c1a45a66515be
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 41
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-geo-detected: nor
expires: Wed, 07 Dec 2022 17:58:52 GMT
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435922.191
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: NgBhl_4T5kvSgg1vQGvp5iDbPXLHTbfo3QWu5NEIiVtJS29u27Y2ew==
X-Firefox-Spdy: h2
biamo.bet/gstatic/categories/crashgame.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/categories/crashgame.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/categories/crashgame.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: b1bwyLBDMDuo2PsQG7ZcS0jm0Wx5nQW6IGEeP98ytPSlAjDhGabP0A==
X-Firefox-Spdy: h2
biamo.bet/static/fonts/montserrat/Montserrat-700.woff2
108.156.60.56200 OK 89 kB URL HTTP/2 biamo.bet/static/fonts/montserrat/Montserrat-700.woff2
IP 108.156.60.56:0
File type Web Open Font Format (Version 2), TrueType, length 88708, version 1.0\012- data
Hash 1eaf59537a9c317acaa4b2c144cd89d6
c974c955950d5522a66abd7d2e388e03c177dd85
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
GET /static/fonts/montserrat/Montserrat-700.woff2 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biamo.bet/static/dist/styles.e6fc399f64891d18.css
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 88708
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: "639055c0-15a84"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: EhVTGTetH-cGgj8QKF7la9sFAgphdp7bEIOeJcwA4Utxh4X7EhE5xw==
X-Firefox-Spdy: h2
scripts.prdredir.com/scripts/k_biamo_bet.js
172.64.161.2200 OK 7.6 kB URL HTTP/2 scripts.prdredir.com/scripts/k_biamo_bet.js
IP 172.64.161.2:0
File type ASCII text, with very long lines (1727)
Hash b5b3a3c2aed0c32510033f239a0c88ad
ef26afa56b5328a73a59d5d66f386b175475fdc1
3a4d68cf245d9cdc69cf01bd09a9e9d4797040f98d150964e66ab5e154caf3f3
GET /scripts/k_biamo_bet.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 61de264d-ed58-49a7-8ee9-6a9f2515048e
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
x-runtime: 0.007254
expires: 2022-11-07 17:58:37 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXqCLe3YxC1HApAFei4ItpYWYARpi2u2xuFe81I%2Fzlq011XMrubXQP3qU1tinhrLoP3fG25EBGURgmMGDjQrXywsVSJL7NnBsVj4%2BpsYeZMdRSUwusJtIePeIqPpVtWlp1GZ%2FV5csA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775f2684196876f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/videopoker.svg
108.156.60.56200 OK 1.6 kB URL HTTP/2 biamo.bet/static/images/categories/videopoker.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash e0340b05790f04ccf55fe902f3620c71
db4b63952bca80e4cc317b5c5200d29c87633cf6
0a26b654a11a14453897c77aceb339a52b1c09efd99c615fa78246dfb524920c
GET /static/images/categories/videopoker.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-d48"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rVQ2LaROiCC1i43R_fILvJ0tZQ64DcIMoqo5dlDCG1NfW8SsMxkoEA==
X-Firefox-Spdy: h2
biamo.bet/api/v1/wins?lang=en&limit=20&min=1&slim=1
108.156.60.56200 OK 2.3 kB URL HTTP/2 biamo.bet/api/v1/wins?lang=en&limit=20&min=1&slim=1
IP 108.156.60.56:0
Hash 1149de9c66aa8f75b27095e3c2157393
4946cc71dede4f6e80d3e0512a77915e4e18ad5e
131e820d29d6fd596a64bc355f6cb9822d557c1fc211220321165ced5a1a2033
GET /api/v1/wins?lang=en&limit=20&min=1&slim=1 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UA-Fingerprint: 17250ada99912788642c1a45a66515be
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-geo-detected: nor
expires: Wed, 07 Dec 2022 17:58:52 GMT
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1670435922.068
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: AYHAQYOuK7cq7HNLKhZ2ZYOVhdopB0eMnLa-Cxur1P5NPIfAqWS2tQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/northernlights.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/northernlights.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/northernlights.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 6KeRY_3m02yIfhhsBo1ZWT4Z4ry4s23kkXR3SZa-MIoBAVEdenvKjA==
X-Firefox-Spdy: h2
biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js
108.156.60.56200 OK 8.2 kB URL HTTP/2 biamo.bet/static/dist/720.4c45d7cc0ea0bb3e.js
IP 108.156.60.56:0
Hash 0de872189da64e9aa47348c3b9ff5119
b5c4e6992b5ebb835bf29a7fe894cc0b5f471aff
ac759fe2246104da87b93d5c71725c0f1f66210a96f61e70c4f4224543d82acf
GET /static/dist/720.4c45d7cc0ea0bb3e.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:40 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-678d"
expires: Thu, 08 Dec 2022 17:58:40 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: brqABI_G_iOEwzV_Iz0wn7iIazQ975U0bHtyJHljEMaPpwAGWcpCUw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/popular.svg
108.156.60.56200 OK 1.8 kB URL HTTP/2 biamo.bet/static/images/categories/popular.svg
IP 108.156.60.56:0
Hash a7fb252126500cebf5dea87af704dd1e
449f1f0ca70d69dc7816575e1b645422e1c53d80
64890675873db876e85d72ae77ffe8c2249f02a5cd15a7db65a3896f61beb086
GET /static/images/categories/popular.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-660"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vpqK1fg9qKEJ9r1ogJ1wT45WSKwZJOnOFUr03SPaLezzBaeTM_YaGg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/electricelephant.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/electricelephant.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/electricelephant.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 9sucW0aG92j4JwKZ24qSRRRgjnzbqg0hk0k5Qv5Vc0TSBsxd0bsQwg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/alchemy.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/alchemy.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/alchemy.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: yIXQ8AMaqa4Yh7T3PSOzJs29FjankmE6sqEHN7X8MsgLdNCncME1Jg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/goldcoin.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/goldcoin.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/goldcoin.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tmWcjLdJrRxzTs9qYIfvPjJyyEeFE3ixq29TEnQ_GPW1DvBbZu-sKw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/bingo.svg
108.156.60.56200 OK 1.3 kB URL HTTP/2 biamo.bet/static/images/categories/bingo.svg
IP 108.156.60.56:0
Hash e7ff625e917059d573c2a47a07b01df2
8b93211e58aceb9f2eee7433bd5d0451aece2a02
23f965c489b82482eb84b5d3d72cf0208b658c1fd58754a03f69f90014be9033
GET /static/images/categories/bingo.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-bcd"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: K31XvCocavnQfDWIjLfVe45LrLw4c5ZpuGC9DtEUQXBmuzv8jY6qLA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/tablegames.svg
108.156.60.56200 OK 1.8 kB URL HTTP/2 biamo.bet/static/images/categories/tablegames.svg
IP 108.156.60.56:0
Hash 5f57e02d89d81087967b8eb2d5021ccb
2d72bd2563035d8db2c716cba76ff6912f5f0726
056826be446f31d7296476255fcd3b1e79003ffb243a3ceead6d3879cd4144c7
GET /static/images/categories/tablegames.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14de"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: tBZUhkLtkQmlffpgFv9G95sboISWfn_KOjdZwGbU0Tha6Tk8ip_Pvg==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/baccaratglobal.svg
108.156.60.56200 OK 1.7 kB URL HTTP/2 biamo.bet/static/images/categories/baccaratglobal.svg
IP 108.156.60.56:0
Hash c8172fe565261f582091e8003ce784df
1830b0939ae767b39be0e0320c69d7f6905a9b9e
b91bfcb8533fc89c6072daf7bb2a50d240365e53436bb819bab829f36575a0d6
GET /static/images/categories/baccaratglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-135f"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aPnggsRXnfPTHYZpL070_6C2WuI2bwTjfddrurfquzMpv2bwEcFvEQ==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/blackjacks.svg
108.156.60.56200 OK 769 B URL HTTP/2 biamo.bet/static/images/categories/blackjacks.svg
IP 108.156.60.56:0
Hash 0c647427bacfa0540ab412f43172fa33
6dd2e59fd90579dc7f5ed45810257f56027f4d28
8146128bbf3a748cd68b3e493b4c9f5209c7b13810dcb1f9782a27a38a435623
GET /static/images/categories/blackjacks.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-4db"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rT1Ej7JkeNluBNAGWYKJdOLi5pLqXJkXkkqFCW2Q_SXWrNu51f9fSg==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/slots.svg
108.156.60.56200 OK 1.6 kB URL HTTP/2 biamo.bet/static/images/categories/slots.svg
IP 108.156.60.56:0
Hash 4140bf60dd290acd1607dab268bdaf4e
fc1c14d8cd0784cafd95e9d9a51351e3567a521c
d7f283344cc194530fbaf2fcd7784e70efc7bda5eaf5d6b404c70280ce6fe973
GET /static/images/categories/slots.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-1bbd"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: kL-I7RRfOulPkP9ojxdA4DbUJm1U5Qg2aamflSRAHOrhX6oT9MdEsA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/scratchcards.svg
108.156.60.56200 OK 1.1 kB URL HTTP/2 biamo.bet/static/images/categories/scratchcards.svg
IP 108.156.60.56:0
Hash ce77ff18ea5e50d28b55876c304b5b62
6d7d375a4b9c701ea2dd0898ae6cc333123c13d2
a6deb79bbf5a748be6241ab02882c7adc9beb518f5d1eb1b2017268198b22b7e
GET /static/images/categories/scratchcards.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-80b"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: T-tOtO7F2zJfpdZMSaNC9nY8E8_yVV_00eJap0l60Vj6CRzFcS_WGA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/storm.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/storm.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/storm.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: pDxwaOvapu-dOTzVRDzuWXAWps0AweesO6skhoJFETRGhnVXNGBdaA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/spearhead.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/spearhead.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/spearhead.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: XYikB6PSMzBYdOC_vl6Y8CyLEgf8jVN1Fmgaw-Z8LbNWx4yvelo5WA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/jackpots.svg
108.156.60.56200 OK 2.0 kB URL HTTP/2 biamo.bet/static/images/categories/jackpots.svg
IP 108.156.60.56:0
Hash d7347b763e183f0286fde714efe656f3
5713ad0058cd604c239945d7b498c499e536cefc
01ab3a6d1910c4dd064d8c7d05d2d04e29fc8912cc34c7ee06ecb1ecdef00796
GET /static/images/categories/jackpots.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14bc"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eiows6ogZk7EJtIZXR81HIabOPZ2fUnaCvi2-DxXZ0AevsLGsGyV9g==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/cayetano.svg
108.156.60.56200 OK 902 B URL HTTP/2 biamo.bet/static/images/categories/cayetano.svg
IP 108.156.60.56:0
Hash e80f8b874fe0af2ad677cd27844ad021
38cb85ab16f2490ecee32d35149fd517d21e4a95
8384c620c80a89bcaa4ecefe79543f2521fe685655c7898040be7c64a7ab2e77
GET /static/images/categories/cayetano.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-79e"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: G8FtaZAMNqzbVSBYSHB9CxPJ2UUPjnnwCDg5HXGRrgdpHGhX84JnTw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/pokerglobal.svg
108.156.60.56200 OK 2.3 kB URL HTTP/2 biamo.bet/static/images/categories/pokerglobal.svg
IP 108.156.60.56:0
Hash cb8b4c427e699e49c935c733af31daca
7aa275a2ae859f3a1f31dc82921c2df3d239bbca
41b86a03002f0e87ccbbcbdcc8974a245162c8fee23d929c06473a49c08e901e
GET /static/images/categories/pokerglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-14c4"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: czB9eMkTTadh7e8aL-j82YHPwUwpRFXnER-SM064QCXNm1NZjHLE2w==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/skillzz.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/skillzz.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/skillzz.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: kVgWVmEelBeRsV67BbLZmCueVGug27Qu6Wd6QhD23MCw5LpxZPUkHw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/virtualsports.svg
108.156.60.56200 OK 890 B URL HTTP/2 biamo.bet/static/images/categories/virtualsports.svg
IP 108.156.60.56:0
Hash 586adf363e3bcb57e8bed6c2fe96d12a
54130e8a253785965ef9bc61ca6b7154f664ca22
c57b724209fd5217c083d0deefe3a90945d537feeb02707db9958b7caf608377
GET /static/images/categories/virtualsports.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Wed, 07 Dec 2022 08:58:40 GMT
etag: W/"639055c0-813"
expires: Thu, 08 Dec 2022 17:58:42 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: UL7u86t2Rp9YxA_4FD-c3jGFSjFO6FyoVKc3hpYxp6Kk-yr_RBNpuw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/rabcat.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/rabcat.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/rabcat.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _4sSRj4f1D9wqq-IwROvDiq4A3Xj7gOV4ShQJ-SQutFaLLO0ZbcuPg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/realistic.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/realistic.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/realistic.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: riZxmXBv3D0j91PI5I6xqE_PHMYwTh52ajDnTdSMii6KUwjHe7tnKA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/microgaming.svg
108.156.60.56200 OK 3.6 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/microgaming.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1194)
Hash b6917a600822d84983caefa1c26a5708
e46135fbec25ad8493b799628a029f48207a1ca9
b8930c07092384078fc60b9fabab1f38331934ac856c3ef459fb204254d146ee
GET /gstatic/merchants/svg/black/microgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3591
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-e07"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 2r47NxCVv_QZc8H-5U9cg3IoNFwp_8-NX2lnI4mnNmue6dlZ6r3XeA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/oldskool.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/oldskool.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/oldskool.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: XbtHLlenqlncERpnFLKNE-PYzdDHKbnjmgER-ze1-Xn_NEgCd9bJ1Q==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/pearfiction.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/pearfiction.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/pearfiction.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: x_x8W0C_OUreYrCd1wUz9aHTw_0tu8igbTFmErNwWz6dBAb3-eUnCg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/pulse8.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/pulse8.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/pulse8.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ReqE21sOU9FmY9dVI_Sy6uN8SQX1jFl7wIrLZaUoApIcvqEtTL7jmw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/lightningbox.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/lightningbox.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/lightningbox.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ZacOaEl4WxprkPWBSMDddBRYGRSPBvz2LlfNGmO22ZFBvH-vmuVLwQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/neonvalley.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/neonvalley.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/neonvalley.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: oHbkgqUTCIoW_jPgk7vJAwQP5iGboKC_C6BIQ5NMNJ-SMWech22mNw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/hacksaw.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/hacksaw.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/hacksaw.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: o4td_I-GoI6SK8L7RmUFmezvgCBXPals3g4DUBa5ifUDIfi9vUUTAg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/jftw.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/jftw.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/jftw.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Ap-v7ju68HqdIxKwdygX5MvCgKr8N5hwxH8wo2LYsT600PIgBKS18A==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/genesis.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/genesis.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/genesis.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 86nbweessnPL3A4nAcASfrumz8iBW6bu2jA_vJtED9QmXX2smWD38g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/goldenrock.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/goldenrock.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/goldenrock.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: yd7v8IZvXJlr6BaOlCigIQJ3QlAPSH0HeK-HD8OFpydS2zGhOwzrmg==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r-NqeoEPWQKepiifIrDHs4FBzgaKiEkEBRd8egTfi6Lnyt7Nrc8cNg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 69998
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/fortunefactory.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/fortunefactory.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/fortunefactory.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aFAuIBcAlkG2AQNf2K4EF72gMQPNwaEoj52fR99JIAmqW4j3mIGnjA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/foxium.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/foxium.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/foxium.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 79yVelw14_zbpr_QyaajEqj1w1Q4NVfuUz5joTBiYXOrG_YFCJ84SQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/gameburger.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/gameburger.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/gameburger.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WBXLhZPLKv8YnOCXs6oa02owc1H-Nsp_expZamdpQC70ipxd8STN2g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/dtech.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/dtech.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/dtech.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: eR50QorYxdHQfAhIT_cSBGiaZZNdTajLHjaRvKaJkKFtE5hbVpB8iA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/gamevy.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/gamevy.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/gamevy.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: rXwLb8TU__Bwr7vX_UPOohJmKnfOC69gbEMSP7Km-zecv8op9ikS9g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/bigtimemg.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/bigtimemg.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/bigtimemg.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: r4m434xbyT7TZqMy4o159ivi00ojdQ_f_c09gy1l016wH2ldzup6yg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/all41.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/all41.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/all41.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: _Qfbp1mvSYstYgjZlEzHzabP5yx_2kjmHiLl_cZ00AZxxMudPzXa3w==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/crazytooth.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/crazytooth.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/crazytooth.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WjElpYgqC4zvPFi0YazA07kWpzv0tCxOcV8Q1AcDC4Pb3dMod7jgLw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/mga.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/mga.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/mga.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 9JNM4Gso07aZCen7OsjYnpNmy8mbeCcwDR9exrqpPZQob7sDx___5A==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/merkur.svg
108.156.60.56200 OK 2.2 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/merkur.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5371), with no line terminators
Hash 95367ce3534364666740edffd16a9266
b1ed8e88c80262d3e54ef79d194569c736c72422
a61e7d07b22dad54449aeb6d0ac59112fe71535c988495a4c5a340418399855f
GET /gstatic/merchants/svg/black/merkur.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2187
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 03 Nov 2022 09:36:30 GMT
etag: "63638b9e-88b"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: luXNl29fbmFR24NkKdp78zGLM5N2jIH2kcfnSz17-kIKErEz94nfqA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/plank.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/plank.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/plank.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: LFDgAkBAyb6Ft3goCWAXdGTzUGTtffslIlUsh1bGPqQlFapv8dVefg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/2by2.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/2by2.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/2by2.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ysojqnrUBJLVe-8QMlegQ2FDOiSYfUT_kQihzvnmTZYGWQCwhzXfLg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/eyecon.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/eyecon.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/eyecon.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: YaeRobr5jnoj9q7G6ddLygingDt7lh9U46Xn9TVuEO__qbemuaJluw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/blueprint.svg
108.156.60.56200 OK 3.9 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/blueprint.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1243)
Hash 7a06b07efce00d3c521475f0a92302ed
88c2cc692cb12a645bc4bdf0ff20255f11b09943
b92140e29f1dc43891ac571187cab2b97946033ab102c49a31bcc77d0fae3261
GET /gstatic/merchants/svg/black/blueprint.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3919
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-f4f"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xkNThG8UVSVmctX2oll9p8Awdijj5dFfEa0GRMAtAsKvgLI2sAyf8Q==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/reeltime.svg
108.156.60.56200 OK 2.1 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/reeltime.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4348), with no line terminators
Hash 9f79771d55aed39ae3706409b9b5a404
c33e581085a6b2dc4d2e7668822a05ed644c4b25
8775eabb7bdfed3329e670001d527e4240ee849f5ed8ac687d5477f45390edb0
GET /gstatic/merchants/svg/black/reeltime.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2124
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-84c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Del9XF3C-MSWNWb9Qubgeaae_6QrCmx31aYHgi4VpqCe1xA1fI5xuQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/spribe.svg
108.156.60.56200 OK 1.7 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/spribe.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1240)
Hash e0f71fef65ad4dc6ec64914d44eff122
6041e1a24977d563c65005952860100e1ace9996
a006a454065798cd63e269b789813d1b0b7a39627af0c36c94366ff01d7b79c2
GET /gstatic/merchants/svg/black/spribe.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1701
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-6a5"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: zX17N7x9jx3uCy9IQJeBcJFPpbVdCw38hi3QPaSLj1RWjLzgBSWKtA==
X-Firefox-Spdy: h2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
143.204.55.67200 OK 68 B URL HTTP/2 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 143.204.55.67:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sun, 27 Nov 2022 10:04:53 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vr1ujiguGdgBdB8Equa9rp5-EKSNVe7Ui9n0aLDMdBqfSDYktRwnpQ==
age: 892430
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/bigtime.svg
108.156.60.56200 OK 2.7 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/bigtime.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5316), with no line terminators
Hash 4ddc176e3f00278ce7b5debfd084eef8
887ec579ea6a1a33bd422d0a78af7b450cfe6aa5
0f989120af9add0d97b767e2f0a51fe16d31b8c65632c2d3da85e1a7201ecba4
GET /gstatic/merchants/svg/black/bigtime.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2685
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-a7d"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: W3VZMtAFcfcVTiTns_SouNdswqoLJMzH8aHnRNcYkEj3ZMY_8e6KzA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/smartsoft.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/smartsoft.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/smartsoft.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: QVJtZmqNJN_ortqP8tFQDTlqQuy5RlB7l7pOsYUYPWKYOOKAz1EWJA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 17:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biamo.bet/gstatic/merchants/svg/black/high5.svg
108.156.60.56200 OK 1.4 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/high5.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2859), with no line terminators
Hash 634454a0eda0dcc24fff2c687a536e53
9e238ab5eab5267b01b0586b719c0dabe660f1e0
34355be3346bcf5411ae2aea8788931c58fbcae501729aeddfe06c0db71e6efe
GET /gstatic/merchants/svg/black/high5.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1439
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-59f"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xCWhoRdp04Vj_snljxKrg_Mej6xR8EadxEb7SMIMNHIXlduVMC7rJQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/435.dc5a588e2b66e929.js
108.156.60.56200 OK 25 kB URL HTTP/2 biamo.bet/static/dist/435.dc5a588e2b66e929.js
IP 108.156.60.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 78e770b348681e48bd514c1873675657
80f96c006a2fd5baf8bdd1922dfa2bf4f1a96190
b28a17bb7776b9b2df76a7f51c4194d06b59002eb3ab12b53a2428004ea94af8
GET /static/dist/435.dc5a588e2b66e929.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-1f8ad"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: NASPrioTBn9ItcUWtqC8SGevgW_LAjMRqEACK7ck_AHQOGXA0ipbmQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/837.e385b283ba609b72.js
108.156.60.56200 OK 34 kB URL HTTP/2 biamo.bet/static/dist/837.e385b283ba609b72.js
IP 108.156.60.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8d19a8fc47e37a286ef0be21513223b2
bfd08f922646cc786b51ebb28b10da6735dd7332
d27ac15b98419910bcdd31bddeb91c567c9628302a62b6e22e755db3adf6d531
GET /static/dist/837.e385b283ba609b72.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-290e6"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Kv1wOpHpPxnDh-nWsmsF1aQU3hiQK6AQYSjzFu5UNZeYLySe0DobxA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/relax.svg
108.156.60.56200 OK 2.1 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/relax.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4897), with no line terminators
Hash fda8a209fcffee68688386483af695e8
556895addb1447f58e0f7b321994819e481108f3
9a105779eb37a2b78722c3e1fa83c4b048381eb9e797491840bd90912eb05f5b
GET /gstatic/merchants/svg/black/relax.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2124
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-84c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ujLSEq5WaQy4j00hEK3e9n9M-mqWOMuobLibzP2AFTDfGbTXz83JRg==
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO
216.58.207.228302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11641679.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 17:58:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/10847281060/?random=1923268104&cv=9&fst=1670435918052&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D6212697906731%3Bgtm%3D2wgbu0%3Bauiddc%3D1020922586.1670435917%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252F%253Ffaff%253D2543&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TtSQY-KFHrCK-cAPhb2ayAI&random=3908621497&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/reelplay.svg
108.156.60.56200 OK 8.6 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/reelplay.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4523)
Hash 2cfc29651d85352bd457f6e35793e0a9
9d3cac31d311338cc4c0e1b84796060620b293bc
c4f7b454104153f96bb05970bb87677f7c6ad938a872b7010e264b264d5cdee8
GET /gstatic/merchants/svg/black/reelplay.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8645
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:24:28 GMT
etag: "6347f56c-21c5"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: z39q7xE1Cm2bNYqJNmfjUnOYluua5V065btk-vdtiDhxw1_XOQCi9w==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/pushgaming.svg
108.156.60.56200 OK 1.6 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/pushgaming.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (716)
Hash bf0a1e4109f68fd0dbf1d471a164ce42
4e5e22daf9ddb5f530b6e718310b6430cb643d98
30776036ba4384e414ecee78935ceb0a967d74ddb1ba1ba99a9082b4e4be70a1
GET /gstatic/merchants/svg/black/pushgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1594
server: nginx
date: Wed, 07 Dec 2022 17:58:42 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-63a"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:42 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: WASnJfYNod2l4IuY06GkXD0uliPPiGoYIvNnbD_aa5XzTvsfcZ7E0g==
X-Firefox-Spdy: h2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid
143.204.55.67200 OK 46 kB URL HTTP/2 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid
IP 143.204.55.67:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/0946832bf0e7bbb4d2975bc68c410bba-www.biamo.bet-5c2667c8f3109312b30c2fcbe6b233536b3dbea9f15707ac31ba7ac68aab9a059d850af0c533f63d0f6440cae96f6d52-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Wed, 07 Dec 2022 17:58:43 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775f26a6ac979be0-FRA
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NqRCXU6e1E73y_wWiySNn3KpsNZHuei-c5P5Ks4evESDjWEy07agMQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/beefee.svg
108.156.60.56200 OK 2.1 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/beefee.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1154)
Hash da02e6c53f231636f6bb1af8738ea129
d2e8c74530e90cbd2a20b600d450d799c1cb574d
954bc9f7ca11f7106b6f3d80463dba25c403e33e1da584ee1cdb88137f58c4a4
GET /gstatic/merchants/svg/black/beefee.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2093
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-82d"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PRuhPPiByMp6HutgfeNkOB2W_e3-Ej8WJ4a-PgcBDlJU3QkTcYAP5w==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/thunderkick.svg
108.156.60.56200 OK 3.5 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/thunderkick.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1044)
Hash 5412f8841972e41ff2d9555d2728da33
11b502351a09f0218376935bc2a722c157c03ed4
35c592333deb26018a85836c2cee5c37c9eb8396c2bf1f04be3cb9322bf72cd9
GET /gstatic/merchants/svg/black/thunderkick.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3456
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-d80"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: ToRSjyx6_H-04-bE_8AzjIn748OCkhWwlLoM6xNLKmpFrdM2YyNwnw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/elkstudios.svg
108.156.60.56200 OK 1.6 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/elkstudios.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3017)
Hash caedaf8030817a2a7bc45ed5e987e92f
0232e39f74b4cd93858fbd49c9638914d58a8c97
714cc169a3e24b0612cbaafe65e34066585a6d563f17292dff3eebc70fc291fd
GET /gstatic/merchants/svg/black/elkstudios.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1634
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-662"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vleruohrpupjkrXn-HgPksI7tP7hy8ECNoDfflxfROVcL0AS0rFcNA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/3oaksgaming.svg
108.156.60.56404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/3oaksgaming.svg
IP 108.156.60.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/3oaksgaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
x-cache: Error from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Y3VJgUiI71mmjFqpRc4E4-fwIIBAu6VeY1goPFC2UMR8WUm2xwP6hA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/fugaso.svg
108.156.60.56200 OK 1.2 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/fugaso.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (673)
Hash d734c040417473b80e1774ed34581da9
702a4c8f918aaae6e252e4d4ac33268d3f958895
7b88b9a9fc746ce0f59b700acec5cb5f52ca13ee0a55c8dc6e560644455997bb
GET /gstatic/merchants/svg/black/fugaso.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1201
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-4b1"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: oq72YpHru5s_Yk8nDp2T_16lJ4mtmEkXiSDcLf95rlwRv6zGIiRAXw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/realtimegaming.svg
108.156.60.56200 OK 2.6 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/realtimegaming.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (733)
Hash d9c250fb7a4744ec853f0e9ec1374e12
25d5d6db92e08f9f8c7d125adbefb8412ef02f16
d0cdfc9b0bcc9a47e9af2d91e62e89e25b8c1a412638c79b9a95681db4557323
GET /gstatic/merchants/svg/black/realtimegaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2614
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-a36"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 5QG5bSFhK9SQXBq5lv7WKK38bLPyeZcrWNo8mt1c4WQyEfZjG4bHig==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/igrosoft.svg
108.156.60.56200 OK 3.8 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/igrosoft.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1312)
Hash ca01c3d6dd49a8bed99783eb5d13fa33
fef8f78f87bd1e2815d62380ccb0a03daacb1b8e
6e49372d55e8e9ebddaf6e121493b7267e7964efccf1128c8572ceffe9adce0b
GET /gstatic/merchants/svg/black/igrosoft.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3848
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-f08"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: aZ72FUEFi_5ZlqJS0ZMm5Y-qw3NX6P67lTp5Ku45w1-X0zN0zAKs2Q==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/genii.svg
108.156.60.56200 OK 1.8 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/genii.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2262)
Hash 4d97edfa5cebb763f46930e7164f0b14
69df9a283f8083f6ebce09d69f94e9ebe5e46745
19b384851c08eca1f2fc6c9dc601807ff63c08042a4d080ff2ae467aa798de9a
GET /gstatic/merchants/svg/black/genii.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1786
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:16 GMT
etag: "6347f434-6fa"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: hLWYlu5lfgzs0C6ejFPe3tFeH_6o-bpBognwKce0HW9PWig1xvUgtQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/redtigergaming.svg
108.156.60.56200 OK 7.7 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/redtigergaming.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12682)
Hash 250678e84b10dd7e33e048545e4a907a
0426522f1698c202f83eeb8c3664db4826c8deb4
b04900ffd6b0fdcc0b8049d8ab945422d0a2b66073227db52c31a77592e68ece
GET /gstatic/merchants/svg/black/redtigergaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7735
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-1e37"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: uw0-r-rNnULSYboLS-aiMWWA4VuzEamiK1WF34JGPfmqwZcEd915yQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/evoplay.svg
108.156.60.56200 OK 2.8 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/evoplay.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2706)
Hash fa084b96ab803413c31371c77066621f
c73ac60a87ee8532be3e0b737ea0a7d28ce91771
cba58b8445fe6258901f8000e00b3c8731eeeb8204b4a3d3c4c83c77954e4724
GET /gstatic/merchants/svg/black/evoplay.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2840
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:19:17 GMT
etag: "6347f435-b18"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: m2ajpCHMjdDCo37EHbDIyDUUlJrR2ATloL9tqlJfYF9HeV1uPdNGig==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/livegames.svg
108.156.60.56200 OK 3.8 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/livegames.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1524)
Hash 725b71ec066803c997676954c6fa27de
26894f767f7f501fc961dfe2670c7fcb31946dd8
54568809610ae42e91de5eddf2687e4a3a710cd017c9d4d82f0d23bbe49bf241
GET /gstatic/merchants/svg/black/livegames.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3822
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-eee"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 8fsOVDjZrd5e1-ul0PNlMSRg88nAaJ4AqluMq2FPh6N0nqT_d4qElg==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/wazdan.svg
108.156.60.56200 OK 1.1 kB URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/wazdan.svg
IP 108.156.60.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (371)
Hash 7f258b175540f0d3731fcb6b50694512
65d18a074c2dbddc5cc70b33a49c2602a8ed509d
b284a09a02ff07bba4f816d0db7458745e9f78c40bbe28909cb5e1bd327764b4
GET /gstatic/merchants/svg/black/wazdan.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1084
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:28 GMT
etag: "6347f56c-43c"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: r7xS6nGd9pGqZSZswyY3wU0vIIJEyYDQcqFag5vwvDAIqP3IJAffYg==
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1426
expires: Sat, 10 Dec 2022 17:58:37 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 775f268369920b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/nolimitcity.svg
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/nolimitcity.svg
IP 108.156.60.56:0
GET /gstatic/merchants/svg/black/nolimitcity.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: public, max-age=31536000
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1; _ym_uid=1670435919862160427; _ym_d=1670435919
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4113
server: nginx
date: Wed, 07 Dec 2022 17:58:43 GMT
last-modified: Thu, 13 Oct 2022 11:24:29 GMT
etag: "6347f56d-1011"
content-encoding: gzip
expires: Wed, 07 Dec 2022 18:58:43 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: qE1ohUCFywpTOlcPAL8KHSAXCNjhqIvp4Z089kOf2QAI2a1IqNskNA==
X-Firefox-Spdy: h2
biamo.bet/static/css/app.loader.css
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/static/css/app.loader.css
IP 108.156.60.56:0
GET /static/css/app.loader.css HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 07 Dec 2022 15:16:08 GMT
last-modified: Wed, 07 Dec 2022 09:02:03 GMT
etag: W/"6390568b-4ef"
expires: Thu, 08 Dec 2022 15:16:08 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: U0HsuP2ny7hly4V0hywselFVbri_vW6_9BRm2a0RkNZCzk3vVZZOxA==
age: 9749
X-Firefox-Spdy: h2
biamo.bet/static/dist/583.4a26d08e24748054.js
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/static/dist/583.4a26d08e24748054.js
IP 108.156.60.56:0
GET /static/dist/583.4a26d08e24748054.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-c890"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: vFFxrVy_54IyNz8mjXw2Tz5DZjoXX3PB_9bCP050nSQNF7N61pOpeg==
X-Firefox-Spdy: h2
biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/static/dist/271.6f5cbf7ace0cb80b.js
IP 108.156.60.56:0
GET /static/dist/271.6f5cbf7ace0cb80b.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-8878"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: HF5vHt5cLe_hD1SncHTumeh679s7b854-uPbI6sy5_Z_Frsdf0tTrQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/459.d1997ede2f658adc.js
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/static/dist/459.d1997ede2f658adc.js
IP 108.156.60.56:0
GET /static/dist/459.d1997ede2f658adc.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/en
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.2.143091376.1670435917; _gid=GA1.2.620247108.1670435918; _gat_UA-199659057-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:39 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-3eaa"
expires: Thu, 08 Dec 2022 17:58:39 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 7FsQ0m6xGsvCtav9AV5zbdKb9wurqQsZ70Z-sBw_HCz2B-F3a2adGw==
X-Firefox-Spdy: h2
biamo.bet/static/dist/974.f30a90cb0ba9f426.js
108.156.60.56200 OK 0 B URL HTTP/2 biamo.bet/static/dist/974.f30a90cb0ba9f426.js
IP 108.156.60.56:0
GET /static/dist/974.f30a90cb0ba9f426.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/?faff=2543
Cookie: _aff=system%3Dfaff%26id%3D2543%26data%3D%26params%3Dfaff%253D2543; faff=faff%3D2543; sitelang=en; _gcl_au=1.1.1020922586.1670435917; __user_id=uid-0439475507.0589206147; _ga_4L2GVL08BD=GS1.1.1670435917.1.0.1670435917.0.0.0; _ga=GA1.1.143091376.1670435917
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 07 Dec 2022 17:58:38 GMT
last-modified: Wed, 07 Dec 2022 09:01:54 GMT
etag: W/"63905682-911"
expires: Thu, 08 Dec 2022 17:58:38 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: PDGD0vPxdhjLLwEijupAIlfp8-yWERIqzp94XZDD5qmlH5Qs3i0MUg==
X-Firefox-Spdy: h2
foodheed.com/irtu/?QBOT.zip
199.188.200.95404 Not Found 0 B URL HTTP/2 foodheed.com/irtu/?QBOT.zip
IP 199.188.200.95:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://foodheed.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 17:58:33 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
88.85.94.246200 OK 0 B URL HTTP/2 thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
IP 88.85.94.246:0
GET /b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 17:58:36 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Wed, 07 Dec 2022 17:58:36 GMT
set-cookie: kadCCap=218665:1:1670219511;221398:1:1670061406;219484:1:1667715065;212269:1:1667199062;222582:1:1669973958;218693:1:1669515516;79610:1:1669272875;223255:1:1670393482;219652:1:1669330335;220335:1:1670435916;194136:1:1669413157;215297:1:1669786163;221352:1:1670163762;222513:1:1670219541;132751:1:1669884292;199455:1:1668245056;222775:1:1669981400;219047:1:1667194435;220790:1:1668460505; max-age=1701971916; path=/
kadACap=419323:1:1669947125;451724:1:1669565807;446714:1:1669965428;410252:1:1669943525;458045:1:1670426588;419299:1:1669735589;451139:1:1669898733;445735:1:1669286676;346329:1:1670226206;419303:1:1670398063;383700:1:1670275546;445788:1:1669918420;407100:1:1668246232;458041:1:1670424583;445506:1:1669286676;449523:1:1670210030;419293:1:1669526430;190964:1:1669272875;419297:1:1670425925;424441:1:1670396486;444748:1:1669841678;419321:1:1669463839;453831:1:1670244468;419301:1:1669646033;445499:1:1670164226;446013:1:1668228435;446531:1:1669270846;419291:1:1670274736;346327:1:1670398317;401659:1:1670416416;442019:1:1670232446;272913:1:1670219562;419295:1:1669929223;450649:1:1670060949; max-age=1701971916; path=/
kadCSCap=223255:1:1670393482;220335:1:1670435916; path=/
kadASCap=458045:1:1670426588;424441:1:1670396486;401659:1:1670416416;458041:1:1670424583;419297:1:1670425925;419303:1:1670398063;346327:1:1670398317; path=/
kadRPixJ=bnVsbA==; max-age=1701971916; path=/
kadUnP3=CAsQu/C/nAYaDQioiJcCEAIYit3AnAYaDQiIrZcCEAEY74DBnAYaDQjowJcCEAIYg7HBnAYaDQiQrJgCEAEYxvTAnAYaDQjgrZgCEAMYoJDCnAYaDQjzwZkBEAEY7YLBnAYaDQivp/4BEAEYu/C/nAYiCggDEAoYit3AnAYiCggBEAEYu/C/nAYqDAikkygQAhiK3cCcBioMCNqXKBABGO+AwZwGKgwI85ooEAIYg7HBnAYqDAiKqSgQAxigkMKcBioMCMPpDBABGLvwv5wGKgwIjL0SEAEY7YLBnAYqDAj09CcQARjG9MCcBg==; max-age=1701971916; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147
172.64.161.2200 OK 0 B URL HTTP/2 rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147
IP 172.64.161.2:0
GET /sync?ref=&lp=https%3A%2F%2Fbiamo.bet%2F%3Ffaff%3D2543&sh=1024&sw=1280&date=1670435917170&fp=uid-0439475507.0589206147 HTTP/1.1
Host: rtg.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 17:58:37 GMT
content-type: image/gif
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4d0a342e-fb5e-4938-abdb-232bc73b1e83
content-disposition: inline; filename="pixel.gif"
x-download-options: noopen
content-transfer-encoding: binary
x-runtime: 0.001703
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: fp=23c9a34a-9dc1-4d1e-937b-3a509bde3d76; domain=prdredir.com; path=/; expires=Tue, 07 Mar 2023 17:58:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97riGSe4icscMKUMaUSBLSoJBSm8I0to1v9YLce%2F3MZ4xP6gY2uaD4wnpaZc4oIUkWEOVkbDSDedXSMJKssc5wbjTJcpcqyOPH1GJS0pjSb2EOUnduLeyX5vujYNO0kt%2BJDk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775f26852aec76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js
143.204.55.67200 OK 0 B URL HTTP/2 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js
IP 143.204.55.67:0
GET /apg-seal.js HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Wed, 07 Dec 2022 17:58:41 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c33-ea5IxAZk6sDvNJXer+bM2DNdzOM"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775f269aec2d90fe-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bm3eGzfTsXLLyQ8bNlBBIxDesBGmououmPjtp10xmoVaYUoa7Chl8w==
X-Firefox-Spdy: h2